What is a block cipher?
Block cipher definition
A block cipher is a cryptographic algorithm that encrypts data, turning it into fixed-size ciphertext blocks through a series of well-defined transformation rounds. These blocks are later decrypted using the same cryptographic key.
It works by breaking the plaintext into a number of sequential blocks, which are then encrypted using the cryptographic key. The result is the blocks of ciphertext connected in a particular sequence. When the ciphertext travels to its endpoint, the receiver uses the same cryptographic key to decrypt the ciphertext blockchain to the plaintext message.
The most common block cipher algorithms
Bellow find information about the most popular encryption algorithms with underlying block cipher technology:
- Advanced Encryption Standard (AES). One of the most popular block cipher variants, AES can be used in various applications and many different industries, stretching from IT and cybersecurity to finance. In fact, AES is commonly used by top-level governmental and military agencies for secure communications.
- Data Encryption Standard (DES). Developed in the 70s, DES was one of the first cryptographic algorithms used for commerce and government affairs. It created a precedent for a new modern cryptographic algorithm to be developed. However, it’s no longer considered a secure method of encryption to use in modern applications.
- Triple Data Encryption Algorithm (Triple DES). Triple DES was created when DES could no longer secure against modern cryptography threats. It applies the DES algorithm to each plaintext block three times during the encryption process. However, Triple DES is now overshined by AES, an algorithm offering both better performance and more robust security.
Stream cipher
Stream cipher definition
A stream cipher is a cryptographic algorithm that encrypts messages in a continuous stream, one bit of data at a time. It uses a statistically random keystream to encrypt data, accounting for the security of the whole encryption.
The encryption starts with the stream cipher’s algorithm generating a pseudorandom keystream made out of an encryption key and a unique randomly generated number called nonce. The result is a stream of random bits that match the length of the plaintext. Afterward, the plaintext is also broken down into single bits, which are then combined with the keystream bits one bit at a time. This way, the plaintext gradually converts to the ciphertext using an XOR bitwise operation.
When the receiver wants to decrypt the ciphertext, they have to generate the same keystream created during the encryption process. The ciphertext is then matched with it bit by bit to derive the plaintext at the receiver’s end.
The most common stream cipher algorithms
Have a glimpse into the three most popular stream cipher algorithms:
- Rivest Cipher 4 (RC4). An algorithm used for cryptographic applications in the past, RC4 was lauded for its simplicity and efficiency. However, modern cryptographic threats have pinpointed its vulnerabilities, and RC4 is no longer recommended to be used for secure encryption.
- Salsa20. Salsa20 became a popular encryption algorithm in the 00s thanks to its good performance, simple usage, and strong security. It stands out for its ability to serve as a base when building other cryptographic protocols. It’s still widely used for various applications.
- Grain-128. This algorithm was specifically designed to work in environments with limited computing resources. It’s typically used for devices that run on radio frequency and low-power sensors. Grain-128 is lightweight, efficient, and can offer robust security.
Differences between block cipher and stream cipher
Though block and stream ciphers belong to symmetric cryptography, their inherent features and the way they work and are used differ significantly. So, let’s take a closer look at both ciphers’ qualities and differences.
Block cipher | Stream cipher |
---|---|
Encrypts data in fixed-size blocks | Encrypts data bit by bit |
Used for data-at-rest encryption | Used for data-in-transit encryption |
Requires high processing power | Requires low processing power |
High computational load | Low computational load |
Can operate as a stream cipher | Cannot operate as a block cipher |
Data processing
The most obvious difference between the block cipher and stream cipher is how they process data. Block cipher encrypts the plaintext in predetermined-size blocks, whereas stream cipher encrypts the plaintext matching it bit by bit with the generated keystream.
Speed and resources
In regard to speed, a stream cipher is generally considered faster than a block cipher because it works in a more straightforward way and uses less overhead. However, high speeds don’t depend solely on the algorithm’s design, and there are instances when block ciphers can outperform stream ciphers. For instance, AES has been specially optimized to produce better speeds and is outrunning many stream cipher variants.
Both ciphers have distinct resource management systems, with the stream cipher winning the efficiency race. Stream ciphers typically have lower memory requirements because they process data bit by bit. Meanwhile, block ciphers process data in fixed-size blocks, which consume much more memory.
Block ciphers require more processing power because their code is larger than stream ciphers', while the latter needs way less power to process data in its sequential manner. Block ciphers use longer keys to grant a high level of security, but it also increases the computational load during key setup. It’s a whole different story with stream ciphers, which use shorter keys that reduce the computational effort.
Operation modes
While there are only two types of stream ciphers, block ciphers have multiple operation modes and can even take the form of a stream cipher.
Let’s look at the most prevalent block cipher modes:
- Electronic codebook (ECB). It’s one of the weakest operation modes because it encrypts and decrypts data blocks independently in the same exact way, making it easy for hackers to detect patterns.
- Cipher block chaining (CBC). This operation mode works by connecting plaintext blocks with previously encrypted plaintext blocks. However, this mode is slow and susceptible to manipulation.
- Cipher feedback (CFB). The CFB operates similarly to a stream cipher: It generates a keystream to encrypt the plaintext block using XOR. CFB’s main drawback is that an error in one blockchain can be carried into the next one.
- Output feedback (OFB). This mode works similarly to CFB by transforming a block cipher into a stream cipher. However, it does that without processing the plaintext in fixed-size blocks before encrypting it.
- Counter (CTR). The CTR mode transforms a block cipher into a synchronous stream cipher. It was designed to encrypt plaintext data of various lengths in situations when the streamed data is of variable length, for instance, in disk and network encryption.
To compare, stream ciphers are usually classified into two types:
- Synchronous. As the name implies, synchronous stream ciphers require that both the sender and the receiver of the encrypted data would be in sync. These ciphers operate with the keystreams that don’t rely on the previous plaintext or ciphertext.
- Asynchronous. This stream cipher doesn’t rely on synchronization and is a good solution for mobile networks or variable-speed data transmission. Asynchronous stream ciphers usually generate their keystream based on the plaintext and previous ciphertext bits.
Usage
The usage of the two ciphers corresponds directly to their inherent qualities. Block ciphers are typically used to encrypt passwords, files, databases, disks, and other fixed-size data structures. It’s also a preferred encryption method to implement in communication protocols. Meanwhile, stream ciphers are a go-to solution to encrypt internet connection, real-time and wireless communication, and data streaming.
There are also instances when the two ciphers can be used in tandem to address various encryption needs within the same system.
Like what you’re reading?
Get the latest stories and announcements from NordVPN
We won’t spam and you will always have the choice to unsubscribe